activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From randomart4 <4randoma...@gmail.com>
Subject cannot change password for 'system' user - master/slave cluster with NFS4 share, using kahadb
Date Sat, 20 Apr 2019 00:08:55 GMT
I am new to amq, so I apologize if this is a stupid question, but I need a
hand.  

was able to test successfully:
failover to the passive node when I shutdown the active node.  Queues
persist.  
admin page configured with AD integration.
    from admin page, can create a topic or queue, browse it, and delete it.
clients can connect using simple auth
    can read or write messages
encrypted the passwords for the clients. 
    everything still works...

However... the 'system' user is using the default password of 'manager', and
the broker clients can (if configured that way) connect as system (this is a
bad thing, yes?).  So I want to change the 'system' password... but when I
do, the admin page stops working.  I have tried shutting off the service,
deleting .../kahabd/* and starting it back up thinking that recreating the
data might be necessary, but that did not help.  An odd thing is that even
though the client passwords are in 'credentials-enc.properties', the service
will not start up without the activemq username and password in
'credentials.properties' AND in 'credentials-enc.properties'.   What...?  

log message:
2019-04-19 18:53:17,992 | WARN  | Failed to add Connection
id=ID:hostname-34896-1555716918132-4:1,
clientId=ID:hostname-34896-1555716918132-3:1 due to {} |
org.apache.activemq.broker.TransportConnection | ActiveMQ VMTransport:
vm://localhost#1-1
java.lang.SecurityException: User name [system] or password is invalid.

broker auth config:
        <plugins>
            <simpleAuthenticationPlugin>
                <users>
                    <authenticationUser username="${activemq.username}"
password="${activemq.password}" groups="admins,AMQAdmins"/>
                    <authenticationUser username="user1"
password="${user1.password}" groups="users_r,users_w" />
                    <authenticationUser username="user2"
password="${user2.password}" groups="users_r,users_w" />
                </users>
            </simpleAuthenticationPlugin>
            <authorizationPlugin>
                <map>
                    <authorizationMap>
                        <authorizationEntries>
                            <authorizationEntry queue=">"
read="users_r,AMQAdmins" write="users_w" admin="AMQAdmins"/>
                            <authorizationEntry topic=">"
read="users_r,AMQAdmins" write="users_w" admin="AMQAdmins"/>
                        </authorizationEntries>
                    </authorizationMap>
                </map>
            </authorizationPlugin>
        </plugins>

thank you for any help!  Im sure I am just thinking of something wrong...
just not sure what yet...



--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-f2341805.html

Mime
View raw message